CVE-2019-0027 - OpenCVE

A persistent cross-site scripting (XSS) vulnerability in the Snort Rules configuration of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Juniper	Advanced Threat Prevention Atp400 Atp700

Configuration 1 [-]

AND

cpe:2.3:o:juniper:advanced_threat_prevention:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:juniper:atp400:-:::::::*
	cpe:2.3:h:juniper:atp700:-:::::::*

No data.

References

Link	Providers
https://kb.juniper.net/JSA10918

History

No history.

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2019-01-15T21:00:00Z

Updated: 2024-09-17T00:21:24.078Z

Reserved: 2018-10-11T00:00:00

Link: CVE-2019-0027

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-01-15T21:29:01.917

Modified: 2019-10-09T23:43:32.803

Link: CVE-2019-0027

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Juniper ATP", "vendor": "Juniper Networks", "versions": [{"lessThan": "5.0.3", "status": "affected", "version": "5", "versionType": "custom"}]}], "datePublic": "2019-01-09T00:00:00", "descriptions": [{"lang": "en", "value": "A persistent cross-site scripting (XSS) vulnerability in the Snort Rules configuration of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper ATP 5.0 versions prior to 5.0.3."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "XSS", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-01-15T20:57:01", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA10918"}], "solutions": [{"lang": "en", "value": "The following software release have been updated to resolve this specific issue: 5.0.3 and all subsequent releases."}], "source": {"advisory": "JSA10918", "defect": ["1365605"], "discovery": "INTERNAL"}, "title": "Juniper ATP: Persistent Cross-Site Scripting vulnerability in Snort Rules configuration", "workarounds": [{"lang": "en", "value": "There are no known workarounds for this issue, however limit the access to only trusted administrators from trusted administrative networks or hosts would minimize the risk."}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2019-01-09T17:00:00.000Z", "ID": "CVE-2019-0027", "STATE": "PUBLIC", "TITLE": "Juniper ATP: Persistent Cross-Site Scripting vulnerability in Snort Rules configuration"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Juniper ATP", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_name": "5", "version_value": "5.0.3"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A persistent cross-site scripting (XSS) vulnerability in the Snort Rules configuration of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper ATP 5.0 versions prior to 5.0.3."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "XSS"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA10918", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA10918"}]}, "solution": [{"lang": "en", "value": "The following software release have been updated to resolve this specific issue: 5.0.3 and all subsequent releases."}], "source": {"advisory": "JSA10918", "defect": ["1365605"], "discovery": "INTERNAL"}, "work_around": [{"lang": "en", "value": "There are no known workarounds for this issue, however limit the access to only trusted administrators from trusted administrative networks or hosts would minimize the risk."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:37:07.550Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA10918"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2019-0027", "datePublished": "2019-01-15T21:00:00Z", "dateReserved": "2018-10-11T00:00:00", "dateUpdated": "2024-09-17T00:21:24.078Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:advanced_threat_prevention:*:*:*:*:*:*:*:*", "matchCriteriaId": "54B5A612-9ACC-4A7F-A34F-47B1BDA85A03", "versionEndExcluding": "5.0.3", "versionStartIncluding": "5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:atp400:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A96949A-031D-4E05-8915-1A6D6BE645E0", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:atp700:-:*:*:*:*:*:*:*", "matchCriteriaId": "29D8A7A3-2DFB-4752-8509-451247A1D5D1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A persistent cross-site scripting (XSS) vulnerability in the Snort Rules configuration of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper ATP 5.0 versions prior to 5.0.3."}, {"lang": "es", "value": "Una vulnerabilidad Cross-Site Scripting (XSS) persistente en el men\u00fa de configuraci\u00f3n de reglas de Snort de Juniper ATP podr\u00eda permitir que un usuario autenticado inyecte scripts arbitrarios y robe datos sensibles y credenciales de una sesi\u00f3n de administraci\u00f3n web, enga\u00f1ando posiblemente a un usuario administrativo posterior para que realice acciones de administrador en el dispositivo. Este problema afecta a Juniper ATP en versiones 5.0 anteriores a la 5.0.3."}], "id": "CVE-2019-0027", "lastModified": "2019-10-09T23:43:32.803", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2019-01-15T21:29:01.917", "references": [{"source": "sirt@juniper.net", "tags": ["Patch", "Vendor Advisory"], "url": "https://kb.juniper.net/JSA10918"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}